From: Remi Gacogne Date: Wed, 27 Sep 2023 23:25:11 +0000 (+0200) Subject: dnsdist: Fix the maximum size of a DoQ retry token X-Git-Tag: rec-5.0.0-alpha2~6^2~16 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dd9ebcf6dcba5c71f29b949bad0d8d4d73bc75a0;p=thirdparty%2Fpdns.git dnsdist: Fix the maximum size of a DoQ retry token --- diff --git a/pdns/dnsdistdist/doq.cc b/pdns/dnsdistdist/doq.cc index 8786c55d0f..1ba7a8a638 100644 --- a/pdns/dnsdistdist/doq.cc +++ b/pdns/dnsdistdist/doq.cc @@ -382,7 +382,7 @@ static std::optional getCID() return buffer; } -static constexpr size_t MAX_TOKEN_LEN = std::tuple_size{} /* nonce */ + sizeof(uint64_t) /* TTD */ + 16 /* IPv6 */ + QUICHE_MAX_CONN_ID_LEN; +static constexpr size_t MAX_TOKEN_LEN = std::tuple_size{} /* nonce */ + /* MAC */ crypto_secretbox_MACBYTES + sizeof(uint64_t) /* TTD */ + 16 /* IPv6 */ + QUICHE_MAX_CONN_ID_LEN; static PacketBuffer mintToken(const PacketBuffer& dcid, const ComboAddress& peer) {